Acronym study
Terms 451–480 of 514 CS0-003 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 451
STIX (Structured Threat Information Expression) is a standardized language and serialization format used to represent and share cyber threat intelligence in a consistent, machine-readable way.
Term 452
A storage firewall is a security appliance or software that controls access to storage systems, protecting data from unauthorized access, malware, and insider threats by inspecting and filtering storage protocol traffic.
Term 453
A stored access policy is a server-side set of rules that defines permissions for accessing data or resources, applied consistently each time a request is made.
Term 454
Strategic intelligence is the process of collecting, analyzing, and applying high-level information about threats, risks, and opportunities to guide an organization's long-term security decisions.
Term 455
Structured logging is the practice of recording log data in a consistent, machine-readable format, such as JSON, so that it can be easily searched, filtered, and analyzed by automated tools.
Term 456
Symmetric encryption is a cryptographic method where the same secret key is used to both encrypt and decrypt data, ensuring confidentiality between two parties.
Term 457
Syslog is a standard protocol used to send and store log messages from network devices and servers to a central logging server for monitoring and troubleshooting.
Term 458
Sysmon is a Windows system service and device driver that logs detailed system activity to help security professionals detect and investigate malicious behavior.
Term 459
A unified cloud-based service that lets IT administrators centrally manage the configuration, patching, and health of a fleet of servers and virtual machines.
Term 460
Tactical intelligence is the analysis of real-time threat data to guide immediate defensive actions in a security operations center.
Term 461
Tailgating is a physical security breach where an unauthorized person follows an authorized person into a restricted area without proper authentication.
Term 462
TAXII (Trusted Automated eXchange of Indicator Information) is a standardized protocol that enables the automated sharing of cyber threat intelligence (CTI) between organizations and security systems.
Term 463
A Teams policy is a set of rules in Microsoft Teams that controls how users can communicate, collaborate, and access features within the application.
Term 464
Telemetry is the automatic collection, transmission, and measurement of data from remote sources to a central system for analysis and monitoring.
Term 465
A threat is any potential danger that could harm a computer system, network, or data, whether from a malicious hacker, a natural disaster, or an accidental mistake.
Term 466
A threat actor is any person or group that intentionally causes harm to digital systems, networks, or data.
Term 467
Threat analytics is the process of using threat intelligence, machine learning, and behavioral data to identify, assess, and predict cybersecurity threats in real time.
Term 468
Threat emulation is the proactive simulation of real-world cyberattacks within a controlled environment to test an organization's defenses, identify vulnerabilities, and improve security posture.
Term 469
A Microsoft 365 security tool that provides real-time interactive reports to investigate and analyze threats detected by Microsoft Defender for Office 365.
Term 470
Threat hunting is a proactive cybersecurity practice where analysts actively search networks, endpoints, and logs for hidden threats that have evaded automated security tools.
Term 471
Threat intelligence is evidence-based knowledge about existing or emerging cyber threats that helps organizations defend against attacks.
Term 472
Threat modelling is a structured approach to identifying, evaluating, and documenting potential security threats to a system so that defenses can be built proactively.
Term 473
Threat protection is the set of security measures and technologies used to detect, prevent, and respond to cyberattacks and unauthorized access to systems and data.
Term 474
A threat vector is the path or method a cyber attacker uses to gain unauthorized access to a computer system or network.
Term 475
Timeline analysis is the process of ordering events by their time of occurrence to establish a sequence of actions during an incident response investigation.
Term 476
Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.
Term 477
A trace is a record of the path and timing of a request or operation as it moves through components in a system, used to monitor performance and troubleshoot issues.
Term 478
Triage is the process of quickly assessing and prioritizing security incidents based on their severity, impact, and urgency to determine the appropriate response.
Term 479
A Trojan is a type of malware that disguises itself as a legitimate file or program to trick users into installing it, then performs harmful actions without the user's knowledge.
Term 480
A true negative is a test result that correctly identifies the absence of a condition or threat, meaning no false alarm occurred.